Vulnerabilities > CVE-2004-1455 - Remote Buffer Overflow vulnerability in Xine-Lib

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

xine

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL.

Vulnerable Configurations

Part	Description	Count
Application	Xine Xine Xine LIB 1_Beta1 Xine Xine LIB 1_Beta2 Xine Xine LIB 1_Beta3 Xine Xine LIB 1_Beta4 Xine Xine LIB 1_Beta5 Xine Xine LIB 1_Beta6 Xine Xine LIB 1_Beta7 Xine Xine LIB 1_Beta8 Xine Xine LIB 1_Beta9 Xine Xine LIB 1_Beta10 Xine Xine LIB 1_Beta11 Xine Xine LIB 1_Rc2 Xine Xine LIB 1_Rc3A Xine Xine LIB 1_Rc3B Xine Xine LIB 1_Rc3C Xine Xine LIB 1_Rc4 Xine Xine LIB 1_Rc5 Xine Xine LIB 1_Rc5_R2	18

References

http://marc.info/?l=bugtraq&m=109284737628045&w=2
http://open-security.org/advisories/6
http://secunia.com/advisories/12194/
http://www.gentoo.org/security/en/glsa/glsa-200408-18.xml
http://www.securityfocus.com/bid/10890
https://exchange.xforce.ibmcloud.com/vulnerabilities/16930